Filtered by vendor Kde
Total: 197 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2024-50624 | 1 Kde | 1 Kmail | 2024-10-30 | 5.9 Medium |
ispdbservice.cpp in KDE Kmail before 6.2.0 allows man-in-the-middle attackers to trigger use of an attacker-controlled mail server because cleartext HTTP is used for a URL such as http://autoconfig.example.com or http://example.com/.well-known/autoconfig for retrieving the configuration. This is related to kmail-account-wizard. | ||||
CVE-2021-28117 | 1 Kde | 1 Discover | 2024-10-15 | 7.5 High |
libdiscover/backends/KNSBackend/KNSResource.cpp in KDE Discover before 5.21.3 automatically creates links to potentially dangerous URLs (that are neither https:// nor http://) based on the content of the store.kde.org web site. (5.18.7 is also a fixed version.) | ||||
CVE-2003-0355 | 2 Apple, Kde | 2 Safari, Konqueror Embedded | 2024-09-17 | N/A |
Safari 1.0 Beta 2 (v73) and earlier does not validate the Common Name (CN) field for X.509 Certificates, which could allow remote attackers to spoof certificates. | ||||
CVE-2017-9604 | 1 Kde | 3 Kde, Kmail, Messagelib | 2024-09-17 | N/A |
KDE kmail before 5.5.2 and messagelib before 5.5.2, as distributed in KDE Applications before 17.04.2, do not ensure that a plugin's sign/encrypt action occurs during use of the Send Later feature, which allows remote attackers to obtain sensitive information by sniffing the network. | ||||
CVE-2010-0923 | 1 Kde | 1 Kde Sc | 2024-09-17 | N/A |
Race condition in workspace/krunner/lock/lockdlg.cc in the KRunner lock module in kdebase in KDE SC 4.4.0 allows physically proximate attackers to bypass KScreenSaver screen locking and access an unattended workstation by pressing the Enter key at a certain time, related to multiple forked processes. | ||||
CVE-2007-1565 | 1 Kde | 1 Konqueror | 2024-09-16 | N/A |
Konqueror 3.5.5 allows remote attackers to cause a denial of service (crash) by using JavaScript to read a child iframe having an ftp:// URI. | ||||
CVE-2002-2333 | 1 Kde | 1 Kde | 2024-09-16 | N/A |
Buffer overflow in konqueror in KDE 2.1 through 3.0 and 3.0.2 allows remote attackers to cause a denial of service (crash) via an IMG tag with large width and height attributes. | ||||
CVE-2024-1433 | 1 Kde | 1 Plasma-workspace | 2024-09-05 | 3.1 Low |
A vulnerability, which was classified as problematic, was found in KDE Plasma Workspace up to 5.93.0. This affects the function EventPluginsManager::enabledPlugins of the file components/calendar/eventpluginsmanager.cpp of the component Theme File Handler. The manipulation of the argument pluginId leads to path traversal. It is possible to initiate the attack remotely. The complexity of an attack is rather high. The exploitability is told to be difficult. The patch is named 6cdf42916369ebf4ad5bd876c4dfa0170d7b2f01. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-253407. NOTE: This requires write access to user's home or the installation of third party global themes. | ||||
CVE-2000-0918 | 1 Kde | 1 Kvt | 2024-08-08 | N/A |
Format string vulnerability in kvt in KDE 1.1.2 may allow local users to execute arbitrary commands via a DISPLAY environmental variable that contains formatting characters. | ||||
CVE-2000-0530 | 2 Caldera, Kde | 2 Openlinux, Kde | 2024-08-08 | N/A |
The KApplication class in the KDE 1.1.2 configuration file management capability allows local users to overwrite arbitrary files. | ||||
CVE-2000-0481 | 1 Kde | 1 K-mail | 2024-08-08 | N/A |
Buffer overflow in KDE Kmail allows a remote attacker to cause a denial of service via an attachment with a long file name. | ||||
CVE-2000-0460 | 1 Kde | 1 Kde | 2024-08-08 | N/A |
Buffer overflow in KDE kdesud on Linux allows local users to gain privileges via a long DISPLAY environmental variable. | ||||
CVE-2000-0393 | 1 Kde | 1 Kde | 2024-08-08 | N/A |
The KDE kscd program does not drop privileges when executing a program specified in a user's SHELL environmental variable, which allows the user to gain privileges by specifying an alternate program to execute. | ||||
CVE-2000-0373 | 1 Kde | 1 Kvt | 2024-08-08 | N/A |
Vulnerabilities in the KDE kvt terminal program allow local users to gain root privileges. | ||||
CVE-2000-0371 | 1 Kde | 1 Kde | 2024-08-08 | N/A |
The libmediatool library used for the KDE mediatool allows local users to create arbitrary files via a symlink attack. | ||||
CVE-2001-1197 | 1 Kde | 1 Kdeutils | 2024-08-08 | N/A |
klprfax_filter in KDE2 KDEUtils allows local users to overwrite arbitrary files via a symlink attack on the klprfax.filter temporary file. | ||||
CVE-2001-0782 | 1 Kde | 1 Ktv | 2024-08-08 | N/A |
KDE ktvision 0.1.1-271 and earlier allows local attackers to gain root privileges via a symlink attack on a user configuration file. | ||||
CVE-2001-0610 | 2 Kde, Suse | 2 Kde, Suse Linux | 2024-08-08 | N/A |
kfm as included with KDE 1.x can allow a local attacker to gain additional privileges via a symlink attack in the kfm cache directory in /tmp. | ||||
CVE-2002-1281 | 2 Kde, Redhat | 2 Kde, Linux | 2024-08-08 | N/A |
Unknown vulnerability in the rlogin KIO subsystem (rlogin.protocol) of KDE 2.x 2.1 and later, and KDE 3.x 3.0.4 and earlier, allows local and remote attackers to execute arbitrary code via a certain URL. | ||||
CVE-2002-1224 | 2 Kde, Redhat | 2 Kde, Linux | 2024-08-08 | N/A |
Directory traversal vulnerability in kpf for KDE 3.0.1 through KDE 3.0.3a allows remote attackers to read arbitrary files as the kpf user via a URL with a modified icon parameter. |